New Analysis of Defense-in-Depth Architectures from Companies Around the World Reveals Growth in Advanced Attacks and Continued Security Gaps

MILPITAS, CA – January 8, 2015 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today released the report “Maginot Revisited: More Real-World Results from Real-World Tests.” “Maginot Revisited” is the second study of global companies’ defense-in-depth architectures to be made publicly available and takes a new look at the advanced attacks that targeted over 1,200 organizations during their real-world testing with FireEye. With a unique point to observe how existing security products perform in detecting advanced threats, the study concludes that signature-based firewalls, intrusion prevention systems (IPS), Web gateways, sandboxes, and anti-virus (AV) solutions – and various combinations of those tools – allowed about 27 percent of companies to be breached by advanced attacks.

“Maginot Line” and “Maginot Revisited” employ a first-of-their-kind approach to assessing the threat-readiness of today’s enterprises. The studies collect and evaluate security alerts that have bypassed organizations’ existing, active security solutions. These alerts encompass both attacks consistent with advanced persistent threat (APT) actors as well as commodity attacks that other, existing solutions should address. For “Maginot Revisited,” 1,214 businesses took part in this study from January 2014 to June 2014, installing FireEye technologies behind all other security solutions to test their efficacy.

“As we have seen over the last year, when just one advanced attack slips past the existing defenses of companies, it can have both a costly and debilitating impact that takes months to repair,” said Dave DeWalt, chairman of the board and CEO, FireEye. “The results of our Maginot studies clearly show that there are gaps in the way many global businesses are secured, opening the door for aggressive threat actors to conduct anything from state-sponsored espionage to cybercrime.”

Key findings from “Maginot Revisited” include:

100 percent of Retail organizations involved in the study were breached, with 17 percent of breaches consistent with advanced threats.

91 percent of Entertainment and Media organizations were breached during the study, with 18 percent of breaches consistent with advanced threats.

100 percent of participants in the Agriculture, Auto/Transportation, Education, and Healthcare/Pharmaceutical industries were breached during the study.

Over one-fourth (27 percent) of all organizations experienced breaches known to be consistent with tools and tactics used by advanced persistent threat (APT) actors.

The Aerospace/Defense industry was the most secure of the study, with 76 percent of organizations involved being compromised.

In addition, “Maginot Revisited” offers an in-depth analysis from FireEye Intelligence on what threats are most prevalent in the retail industry today. FireEye Senior Threat Intelligence Researcher Nart Villeneuve provides a look at the top retail-targeted malwares, their capabilities, and their histories, to help retail network defenders bolster their systems.